Amazon Linux AMI : kernel Multiple Vulnerabilities (ALAS-2013-218)

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote Amazon Linux AMI host is missing a security update.

Description :

A NULL pointer dereference flaw was found in the Linux kernel's ftrace
and function tracer implementations. A local user who has the
CAP_SYS_ADMIN capability could use this flaw to cause a denial of
service. (CVE-2013-3301)

The (1) key_notify_sa_flush and (2) key_notify_policy_flush functions
in net/key/af_key.c in the Linux kernel before 3.10 do not initialize
certain structure members, which allows local users to obtain
sensitive information from kernel heap memory by reading a broadcast
message from the notify interface of an IPSec key_socket.

The ip6_sk_dst_check function in net/ipv6/ip6_output.c in the Linux
kernel before 3.10 allows local users to cause a denial of service
(system crash) by using an AF_INET6 socket for a connection to an IPv4
interface.

net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote
attackers to cause a denial of service (NULL pointer dereference and
system crash) or possibly have unspecified other impact via an
auth_reply message that triggers an attempted build_request operation.
(CVE-2013-1059)

See also :

http://www.nessus.org/u?af52f171

Solution :

Run 'yum update kernel' to update your system.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)

Family: Amazon Linux Local Security Checks

Nessus Plugin ID: 70222 ()

Bugtraq ID:

CVE ID: CVE-2013-1059
CVE-2013-2232
CVE-2013-2234
CVE-2013-3301